FEX Imager™ Logo

FEX Imager™

0
Free
Visit Website

A forensic imaging program that acquires or hashes a bit-level forensic image with full MD5, SHA1, SHA256 hash authentication. It supports acquiring physical drives, logical drives, folders, files, remote devices, and re-acquiring forensic images. The tool can write forensic image files in DD/RAW, E01, or L01 formats with various compression methods available.

FEATURES

ALTERNATIVES

Orochi is a collaborative forensic memory dump analysis framework.

Automated collection tool for incident response triage in Windows systems.

ShadowCopy Analyzer is a tool for cybersecurity researchers to analyze and utilize the ShadowCopy technology for file recovery and system restoration.

A suite of console tools for working with timestamps in Windows with 100-nanosecond precision.

mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.

Dump iOS Frequent Locations from StateModel#.archive files.

A digital artifact extraction framework for extracting data from volatile memory (RAM) samples, providing visibility into the runtime state of a system.

Automated tool for parsing Windows registry hives and extracting valuable information for forensic analysis.